CVEs from 2026
Total
14,036
critical
critical 1,232
high
high 4,634
medium
medium 4,444
low
low 484
% Critical
8.8%
% with KEV
0.4%
% with exploit
0.7%
Top vendors
Top products
- chrome 522
- firepower_threat_defense_software 300
- firepower_threat_defense 298
- gcp 239
- openclaw 172
- commerce 104
- commerce_b2b 89
- grafana 80
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-31503 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: udp: Fix wildcard bind conflict check when using hash2 When binding a udp_sock to a local address and port, UDP uses two hashes (… | |||
| CVE-2026-31499 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix deadlock in l2cap_conn_del() l2cap_conn_del() calls cancel_delayed_work_sync() for both info_timer and id_a… | |||
| CVE-2026-31498 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix ERTM re-init and zero pdu_len infinite loop l2cap_config_req() processes CONFIG_REQ for channels in BT_CONN… | |||
| CVE-2026-31497 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: clamp SCO altsetting table indices btusb_work() maps the number of active SCO links to USB alternate settings t… | |||
| CVE-2026-31496 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_expect: skip expectations in other netns via proc Skip expectations that do not reside in this netns. Si… | |||
| CVE-2026-31495 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use netlink policy range checks Replace manual range and mask validations with netlink policy annotations i… | |||
| CVE-2026-31492 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Initialize free_qp completion before using it In irdma_create_qp, if ib_copy_to_udata fails, it will call irdma_destr… | |||
| CVE-2026-31491 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Harden depth calculation functions An issue was exposed where OS can pass in U32_MAX for SQ/RQ/SRQ size. This can cau… | |||
| CVE-2026-31487 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: spi: use generic driver_override infrastructure When a driver is probed through __driver_attach(), the bus' match() callback is c… | |||
| CVE-2026-31483 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: s390/syscalls: Add spectre boundary for syscall dispatch table The s390 syscall number is directly controlled by userspace, but d… | |||
| CVE-2026-31482 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: s390/entry: Scrub r12 register on kernel entry Before commit f33f2d4c7c80 ("s390/bp: remove TIF_ISOLATE_BP"), all entry handlers … | |||
| CVE-2026-31481 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: tracing: Drain deferred trigger frees if kthread creation fails Boot-time trigger registration can fail before the trigger-data c… | |||
| CVE-2026-31480 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: tracing: Fix potential deadlock in cpu hotplug with osnoise The following sequence may leads deadlock in cpu hotplug: task1 … | |||
| CVE-2026-31472 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: validate inner IPv4 header length in IPTFS payload Add validation of the inner IPv4 packet tot_len and ihl fields pa… | |||
| CVE-2026-31465 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: writeback: don't block sync for filesystems with no data integrity guarantees Add a SB_I_NO_DATA_INTEGRITY superblock flag for fi… | |||
| CVE-2026-31462 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: prevent immediate PASID reuse case PASID resue could cause interrupt issue when process immediately runs into hw stat… | |||
| CVE-2026-31461 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix drm_edid leak in amdgpu_dm [WHAT] When a sink is connected, aconnector->drm_edid was overwritten without fre… | |||
| CVE-2026-31460 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: check if ext_caps is valid in BL setup LVDS connectors don't have extended backlight caps so check if the pointe… | |||
| CVE-2026-31459 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: fix param_ctx leak on damon_sysfs_new_test_ctx() failure Patch series "mm/damon/sysfs: fix memory leak and NULL d… | |||
| CVE-2026-31458 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: check contexts->nr before accessing contexts_arr[0] Multiple sysfs command paths dereference contexts_arr[0] with… | |||
| CVE-2026-31457 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: check contexts->nr in repeat_call_fn damon_sysfs_repeat_call_fn() calls damon_sysfs_upd_tuned_intervals(), damon_… | |||
| CVE-2026-31451 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: ext4: replace BUG_ON with proper error handling in ext4_read_inline_folio Replace BUG_ON() with proper error handling when inline… | |||
| CVE-2026-31445 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: avoid use of half-online-committed context One major usage of damon_call() is online DAMON parameters update. It … | |||
| CVE-2026-31443 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix crash when the event log is disabled If reporting errors to the event log is not supported by the hardware, … | |||
| CVE-2026-31441 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix memory leak when a wq is reset idxd_wq_disable_cleanup() which is called from the reset path for a workqueue… | |||
| CVE-2026-31440 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix leaking event log memory During the device remove process, the device is reset, causing the configuration re… | |||
| CVE-2026-31439 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fix regmap init error handling devm_regmap_init_mmio returns an ERR_PTR() upon error, not NULL. Fix the … | |||
| CVE-2026-31438 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: netfs: Fix kernel BUG in netfs_limit_iter() for ITER_KVEC iterators When a process crashes and the kernel writes a core dump to a… | |||
| CVE-2026-31437 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: netfs: Fix NULL pointer dereference in netfs_unbuffered_write() on retry When a write subrequest is marked NETFS_SREQ_NEED_RETRY,… | |||
| CVE-2026-31434 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix leak of kobject name for sub-group space_info When create_space_info_sub_group() allocates elements of space_info->sub… | |||
| CVE-2026-6844 | medium | 5.5 | 5.5 | 1mo ago | A flaw was found in the `readelf` utility of the binutils package. A local attacker could exploit two Denial of Service (DoS) vulnerabilities by providing a specially crafted Executable and Linkable … | |||
| CVE-2026-6843 | medium | 5.5 | 5.5 | 1mo ago | A flaw was found in nano. A local user could exploit a format string vulnerability in the `statusline()` function. By creating a directory with a name containing `printf` specifiers, the application … | |||
| CVE-2026-22748 | medium | — | 5.5 | 1mo ago | Spring Security has Potential Security Misconfiguration when Using withIssuerLocation | |||
| CVE-2026-22747 | medium | — | 5.5 | 1mo ago | Spring Security Vulnerable to Unauthorized User Impersonation when Using X.509 Client Certificates | |||
| CVE-2026-40608 | medium | 5.5 | 5.5 | 1mo ago | Next AI Draw.io is a next.js web application that integrates AI capabilities with draw.io diagrams. Prior to 0.4.15, the embedded HTTP sidecar contains three POST handlers (/api/state, /api/restore, … | |||
| CVE-2026-3219 | medium | — | 5.5 | 1mo ago | pip handles concatenated tar and ZIP files as ZIP files regardless of filename or whether a file is both a tar and ZIP file. This behavior could result in confusing installation behavior, such as ins… | |||
| CVE-2026-31429 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: net: skb: fix cross-cache free of KFENCE-allocated skb head SKB_SMALL_HEAD_CACHE_SIZE is intentionally set to a non-power-of-2 va… | |||
| CVE-2026-40881 | medium | — | 5.5 | 2mo ago | Zebra: addr/addrv2 Deserialization Resource Exhaustion | |||
| CVE-2026-3590 | medium | — | 5.5 | 2mo ago | Mattermost has session spoofing due to lack of single-use consumption of guest magic link tokens enforcement | |||
| CVE-2026-28741 | medium | — | 5.5 | 2mo ago | Mattermost doesn't validate CSRF tokens on an authentication endpoint | |||
| CVE-2026-40919 | medium | 5.5 | 5.5 | 2mo ago | A flaw was found in GIMP. This vulnerability, a buffer overflow in the `file-seattle-filmworks` plugin, can be exploited when a user opens a specially crafted Seattle Filmworks file. A remote attacke… | |||
| CVE-2026-40918 | medium | 5.5 | 5.5 | 2mo ago | A flaw was found in GIMP. Processing a specially crafted PVR image file with large dimensions can lead to a denial of service (DoS). This occurs due to a stack-based buffer overflow and an out-of-bou… | |||
| CVE-2026-40916 | medium | 5.5 | 5.5 | 2mo ago | A flaw was found in GIMP. A stack buffer overflow vulnerability in the TIM image loader's 4BPP decoding path allows a local user to cause a Denial of Service (DoS). By opening a specially crafted TIM… | |||
| CVE-2026-41062 | medium | — | 5.5 | 2mo ago | WWBN AVideo has an Incomplete fix: Directory traversal bypass via query string in ReceiveImage downloadURL parameters | |||
| CVE-2026-40091 | medium | — | 5.5 | 2mo ago | SpiceDB's SPICEDB_DATASTORE_CONN_URI is leaked on startup logs | |||
| CVE-2026-25133 | medium | — | 5.5 | 2mo ago | October Rain has Stored XSS via SVG Filter Bypass | |||
| CVE-2026-25125 | medium | — | 5.5 | 2mo ago | October Rain has Environment Variable Exfiltration via INI Parser Interpolation | |||
| CVE-2026-40311 | medium | — | 5.5 | 2mo ago | ImageMagick is free and open-source software used for editing and manipulating digital images. Versions below 7.1.2-19 and 6.9.13-44 contain a heap use-after-free vulnerability that can cause a crash… | |||
| CVE-2026-33103 | medium | 5.5 | 5.5 | 2mo ago | Improper access control in Microsoft Dynamics 365 (on-premises) allows an authorized attacker to disclose information locally. | |||
| CVE-2026-32181 | medium | 5.5 | 5.5 | 2mo ago | Improper privilege management in Microsoft Windows allows an authorized attacker to deny service locally. | |||
| CVE-2026-32214 | medium | 5.5 | 5.5 | 2mo ago | Improper access control in Universal Plug and Play (upnp.dll) allows an authorized attacker to disclose information locally. | |||
| CVE-2026-32084 | medium | 5.5 | 5.5 | 2mo ago | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally. | |||
| CVE-2026-32079 | medium | 5.5 | 5.5 | 2mo ago | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally. | |||
| CVE-2026-27930 | medium | 5.5 | 5.5 | 2mo ago | Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally. | |||
| CVE-2026-20806 | medium | 5.5 | 5.5 | 2mo ago | Access of resource using incompatible type ('type confusion') in Windows COM allows an authorized attacker to disclose information locally. | |||
| CVE-2026-32212 | medium | 5.5 | 5.5 | 2mo ago | Improper link resolution before file access ('link following') in Universal Plug and Play (upnp.dll) allows an authorized attacker to disclose information locally. | |||
| CVE-2026-32218 | medium | 5.5 | 5.5 | 2mo ago | Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally. | |||
| CVE-2026-32217 | medium | 5.5 | 5.5 | 2mo ago | Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally. | |||
| CVE-2026-32216 | medium | 5.5 | 5.5 | 2mo ago | Null pointer dereference in Windows Redirected Drive Buffering allows an authorized attacker to deny service locally. | |||
| CVE-2026-32215 | medium | 5.5 | 5.5 | 2mo ago | Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally. | |||
| CVE-2026-32085 | medium | 5.5 | 5.5 | 2mo ago | Exposure of sensitive information to an unauthorized actor in Windows Remote Procedure Call allows an authorized attacker to disclose information locally. | |||
| CVE-2026-32081 | medium | 5.5 | 5.5 | 2mo ago | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally. | |||
| CVE-2026-27931 | medium | 5.5 | 5.5 | 2mo ago | Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally. | |||
| CVE-2026-31428 | medium | 5.5 | 5.5 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD __build_packet_message() manually constructs the NFULA_… | |||
| CVE-2026-31427 | medium | 5.5 | 5.5 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp process_sdp() declares union nf_inet_addr rtp_addr … | |||
| CVE-2026-31425 | medium | 5.5 | 5.5 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: rds: ib: reject FRMR registration before IB connection is established rds_ib_get_mr() extracts the rds_ib_connection from conn->c… | |||
| CVE-2026-31424 | medium | 5.5 | 5.5 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP Weiming Shi says: xt_match and xt_target… | |||
| CVE-2026-31423 | medium | 5.5 | 5.5 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_hfsc: fix divide-by-zero in rtsc_min() m2sm() converts a u32 slope to a u64 scaled value. For large inputs (e.g. … | |||
| CVE-2026-31422 | medium | 5.5 | 5.5 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_flow: fix NULL pointer dereference on shared blocks flow_change() calls tcf_block_q() and dereferences q->handle t… | |||
| CVE-2026-31421 | medium | 5.5 | 5.5 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_fw: fix NULL pointer dereference on shared blocks The old-method path in fw_classify() calls tcf_block_q() and der… | |||
| CVE-2026-31420 | medium | 5.5 | 5.5 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: bridge: mrp: reject zero test interval to avoid OOM panic br_mrp_start_test() and br_mrp_start_in_test() accept the user-supplied… | |||
| CVE-2026-31418 | medium | 5.5 | 5.5 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: drop logically empty buckets in mtype_del mtype_del() counts empty slots below n->pos in k, but it only drops t… | |||
| CVE-2026-31416 | medium | 5.5 | 5.5 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_log: account for netlink header size This is a followup to an old bug fix: NLMSG_DONE needs to account for t… | |||
| CVE-2026-31415 | medium | 5.5 | 5.5 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid overflows in ip6_datagram_send_ctl() Yiming Qian reported : <quote> I believe I found a locally triggerable kernel b… | |||
| CVE-2026-31412 | medium | 5.5 | 5.5 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_mass_storage: Fix potential integer overflow in check_command_size_in_blocks() The `check_command_size_in_blocks()… | |||
| CVE-2026-34500 | medium | — | 5.5 | 2mo ago | CLIENT_CERT authentication does not fail as expected for some scenarios when soft fail is disabled and FFM is used in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M14 through 11.0.20… | |||
| CVE-2026-24661 | medium | — | 5.5 | 2mo ago | Mattermost MS Teams plugin doesn't limit the request body size on the /changes webhook endpoint | |||
| CVE-2026-32591 | medium | 5.5 | 5.5 | 2mo ago | A flaw was found in Red Hat Quay's Proxy Cache configuration feature. When an organization administrator configures an upstream registry for proxy caching, Quay makes a network connection to the spec… | |||
| CVE-2026-31411 | medium | 5.5 | 5.5 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: net: atm: fix crash due to unvalidated vcc pointer in sigd_send() Reproducer available at [1]. The ATM send path (sendmsg -> vcc… | |||
| CVE-2026-28264 | medium | 5.5 | 5.5 | 2mo ago | Dell PowerProtect Agent Service, version(s) prior to 20.1, contain(s) an Incorrect Permission Assignment for Critical Resource vulnerability. A low privileged attacker with local access could potenti… | |||
| CVE-2026-39413 | medium | — | 5.5 | 2mo ago | lightrag-hku: JWT Algorithm Confusion Vulnerability | |||
| CVE-2026-5745 | medium | 5.5 | 5.5 | 2mo ago | A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archive_acl_from_text_nl() function. When processing a malformed ACL … | |||
| CVE-2026-5679 | medium | 5.5 | 5.5 | 2mo ago | A security vulnerability has been detected in Totolink A3300R 17.0.0cu.557_B20221024. The impacted element is the function vsetTr069Cfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argum… | |||
| CVE-2026-34764 | medium | 5.5 | 5.5 | 2mo ago | Electron: Use-after-free in offscreen shared texture release() callback | |||
| CVE-2026-31410 | medium | 5.5 | 5.5 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: ksmbd: use volume UUID in FS_OBJECT_ID_INFORMATION Use sb->s_uuid for a proper volume identifier as the primary choice. For files… | |||
| CVE-2026-23210 | medium | — | 5.5 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: ice: Fix PTP NULL pointer dereference during VSI rebuild Fix race condition where PTP periodic work runs while VSI is being rebui… | |||
| CVE-2026-35201 | medium | — | 5.5 | 2mo ago | rdiscount has an Out-of-bounds Read | |||
| CVE-2026-2625 | medium | 5.5 | 5.5 | 2mo ago | A flaw was found in rust-rpm-sequoia. An attacker can exploit this vulnerability by providing a specially crafted Red Hat Package Manager (RPM) file. During the RPM signature verification process, th… | |||
| CVE-2026-5475 | medium | 5.5 | 5.5 | 2mo ago | A vulnerability was determined in NASA cFS up to 7.0.0. This impacts the function CFE_SB_TransmitMsg of the file cfe_sb_priv.c of the component CCSDS Header Size Handler. Executing a manipulation can… | |||
| CVE-2026-31400 | medium | 5.5 | 5.5 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix cache_request leak in cache_release When a reader's file descriptor is closed while in the middle of reading a cache_… | |||
| CVE-2026-31394 | medium | 5.5 | 5.5 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: mac80211: fix crash in ieee80211_chan_bw_change for AP_VLAN stations ieee80211_chan_bw_change() iterates all stations and accesse… | |||
| CVE-2026-31391 | medium | 5.5 | 5.5 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-sha204a - Fix OOM ->tfm_count leak If memory allocation fails, decrement ->tfm_count to avoid blocking future reads. | |||
| CVE-2026-31390 | medium | 5.5 | 5.5 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix memory leak in xe_vm_madvise_ioctl When check_bo_args_are_sane() validation fails, jump to the new free_vmas cleanup … | |||
| CVE-2026-23475 | medium | 5.5 | 5.5 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: spi: fix statistics allocation The controller per-cpu statistics is not allocated until after the controller has been registered … | |||
| CVE-2026-23474 | medium | 5.5 | 5.5 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: mtd: Avoid boot crash in RedBoot partition table parser Given CONFIG_FORTIFY_SOURCE=y and a recent compiler, commit 439a1bcac648 … | |||
| CVE-2026-23472 | medium | 5.5 | 5.5 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN uart_write_room() and uart_write() behave inconsistently when xmi… | |||
| CVE-2026-23470 | medium | 5.5 | 5.5 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Fix deadlock in soft reset sequence The soft reset sequence is currently executed from the threaded IRQ handler,… | |||
| CVE-2026-23468 | medium | 5.5 | 5.5 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Limit BO list entry count to prevent resource exhaustion Userspace can pass an arbitrary number of BO list entries vi… | |||
| CVE-2026-23467 | medium | 5.5 | 5.5 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: drm/i915/dmc: Fix an unlikely NULL pointer deference at probe intel_dmc_update_dc6_allowed_count() oopses when DMC hasn't been in… | |||
| CVE-2026-23465 | medium | 5.5 | 5.5 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: btrfs: log new dentries when logging parent dir of a conflicting inode If we log the parent directory of a conflicting inode, we … |